<?php
ini_set( 'display_errors', 1 );
ini_set( 'display_startup_errors', 1 );
error_reporting( E_ALL );

include_once( 'lib/YDB.php' );
include_once( 'lib/L.php' );
include_once( 'lib/CPayment.php' );
//L::vars();
//L::log( 'test' );
//CPayment::operPay();
//include( 'test.php' );

if ( isset( $_POST[ 'RESULT' ] ) ) // response
{
	L::vars( array( '_POST' => true ) );
	CPayment::response( $_POST );
}
else // request
{
	if ( isset( $_GET[ 'finish' ] ) && isset( $_GET[ 'rrn' ] ) ) // finish by rrn
		CPayment::finish( $_GET[ 'rrn' ] );
	//finish( $_GET[ 'rrn' ] );
	elseif ( isset( $_GET[ 'cancel' ] ) && isset( $_GET[ 'rrn' ] ) ) // cancel by rrn
		CPayment::cancel( $_GET[ 'rrn' ] );
	elseif ( isset( $_GET[ 'preauth' ] ) && isset( $_GET[ 'amount' ] ) && isset( $_GET[ 'desc' ] ) )
		CPayment::preauth( $_GET[ 'amount' ], $_GET[ 'desc' ] );
	else
		// TODO: get product, put here price, product_code, name and URL to this product
		CPayment::pay( rand( 1000, 25000 ), "для товара с кодом " . rand( 1000000, 9999999 ), 'http://raybt.ru/' );
}

function finish()
{
	function getHMAC()
	{
		$hmac = '';
		foreach ( func_get_args() as $arg )
			$hmac .= strlen( $arg ) . $arg;
		return $hmac;
	}

	$order      = 20131220121237; // from Approved pay
	$amount     = 14637; // from Approved pay
	$currency   = 'RUB';
	$org_amount = 0; // from Approved pay
	$rrn        = '335417541678'; // from Approved pay
	$int_ref    = '7038AFAF3EFA2DB3'; // from Approved pay
	$trtype     = '21';
	$terminal   = '79036861';
	$backref    = 'http://raybt.ru/';
	$email      = 'almatov.us@gmail.com';
	$timestamp  = gmdate( "YmdHis", time() );
	$nonce      = md5( $timestamp );
	$key        = 'C50E41160302E0F5D6D59F1AA3925C45';

	$hmac = getHMAC( $order, $amount, $currency, $org_amount, $rrn, $int_ref, $trtype, $terminal, $backref, $email, $timestamp, $nonce );

	$p_sign = strtoupper( hash_hmac( 'sha1', $hmac, pack( 'H*', $key ) ) );

	$out = '<html>
		                <body>
		                    <form action="http://193.200.10.117:8080/cgi-bin/cgi_link" method="post">
		                        <input type="HIDDEN" value="' . $order . '" name="ORDER">
		                        <input type="HIDDEN" value="' . $amount . '" name="AMOUNT">
		                        <input type="HIDDEN" value="' . $currency . '" name="CURRENCY">
		                        <input type="HIDDEN" value="' . $org_amount . '" name="ORG_AMOUNT">
		                        <input type="HIDDEN" value="' . $rrn . '" name="RRN">
		                        <input type="HIDDEN" value="' . $int_ref . '" name="INT_REF">
		                        <input type="HIDDEN" value="' . $trtype . '" name="TRTYPE">
		                        <input type="HIDDEN" value="' . $terminal . '" name="TERMINAL">
		                        <input type="HIDDEN" value="' . $backref . '" name="BACKREF">
		                        <input type="HIDDEN" value="' . $email . '" name="EMAIL">
		                        <input type="HIDDEN" value="' . $timestamp . '" name="TIMESTAMP">
		                        <input type="HIDDEN" value="' . $nonce . '" name="NONCE">
		                        <input type="HIDDEN" value="' . $p_sign . '" NAME="P_SIGN">
		                        <input type="SUBMIT" style="display:none;" value="">
		                    </form>
		                </body>
		        </html>';

	echo $out;
	echo '<script type="text/javascript">window.onload=function(){document.forms[0].submit()}</script>';
}